Entire Site
About
Accounting Education
Advocacy
AICPA News
AICPA Store
Become a CPA
Business, Industry & Government
Career
Center for Audit Quality
CPE & Conferences
Employee Benefit Plan Audit Quality Center
Financial Reporting Center
Firm Practice Management - PCPS
For the Public
Forensic & Valuation
Governmental Audit Quality Center
Information Management and Technology Assurance
Membership
Peer Review
Personal Financial Planning
Press
Professional Ethics
Publications
Research
Tax
Volunteer
Young CPA Network
Sign In
Sign Out
My Account
About
Volunteer
Join
Press
Help
x
Username
Password
Remember Me
Register
|
Forgot Username?
|
Password?
Membership
Annual Dues
Benefits
Join
Requirements
AICPA News
AICPA Insights
Press Center
AICPA TV
Featured News
Chair's Letter
Publications
Accounting & Auditing
Authoritative Standards
Business Valuation
Financial Management & Reporting
Fraud and Forensic
Internal Control
Personal Financial Planning
Practice Management
Tax
Newsletters
Journal of Accountancy
The Tax Adviser
CPE & Conferences
Professional Development
Conferences
CPE Requirements
Live Web Events
Interest Areas
Accounting Education
Business, Industry & Government
Center for Audit Quality
CGMA.org
Employee Benefit Plan Audit Quality Center
Financial Reporting Center
Firm Practice Management - PCPS
Forensic & Valuation
Governmental Audit Quality Center
Information Management and Technology Assurance
Peer Review
Personal Financial Planning
Professional Ethics
Tax
Young CPA Network
Research
Standards
Exposure Drafts
White Papers and Studies
Technical Hotline
External Links
Health Care Reform
CPA Horizons 2025
Small Business Relief
Career
Career Paths
Salary Info
Marketing Toolkit
Mentoring
Job Boards
Work-Life Balance
Women in the Profession
Diversity and Inclusion
Become a CPA
Getting Started
Scholarships
Licensure
FAQs
CPA Exam
Advocacy
Federal Issues
State
Tax
International
Legal
The CPA Advocate
For the Public
Audit Committee Effectiveness
Code of Conduct
Disciplinary Actions
Financial Literacy
Find A CPA
Peer Review Firm Terminations
Peer Review Public File
AICPA Store
Home
Interest Areas
Personal Financial Planning
News & Publications
Back to browsing
"Red Flags" Rule
Back to Legislative/Regulatory Page
UPDATE: Obama Signs Law Exempting CPAs from Red Flags Rule (December 2010)
The Red Flag Program Clarification Act of 2010 signed into law on December 18
th
, gives CPAs a permanent exemption from requirements related to identity theft under the Federal Trade Commission’s Red Flags Rule. “The AICPA, with help from state CPA societies nationwide, worked tirelessly on this issue,” said AICPA President and CEO Barry Melancon. “The bill makes clear that CPAs and CPA firms are not classified as “creditors” for the purposes of the [FTC’s] Red Flags Rule” and should not be subject to steps the Institute called “onerous and unnecessary.” Read more from the
Journal of Accountancy
and the AICPA’s
press release
.
UPDATE: Senate Passes Bill Clarifying Red Flags Rule Application (December 2010)
On Nov. 30, the U.S. Senate unanimously passed the
Red Flag Program Clarification Act of 2010
, which clarifies "creditors" for the purposes of the Federal Trade Commission's Red Flags rule. The bill states that CPAs in public practice, in addition to lawyers, doctors, dentists and other health care and service providers, are not classified as creditors as they do not "offer or maintain accounts that pose a reasonably foreseeable risk of identity theft." The bill now heads to a vote in the U.S. House of Representatives. The AICPA and state CPA societies have fought tirelessly for this clarification over the past year. For more information on the Red Flags rule, the AICPA's lawsuit to prevent its enforcement against CPAs and how the rule affects your practice, visit
AICPA.org
. Also, read the
AICPA's statement
on the Senate vote.
UPDATE: Red Flags Rule Enforcement Further Delayed (May 2010)
At the request of several Members of Congress, the Federal Trade Commission (“FTC”) announced, on May 28
th
, 2010, that it
is further delaying enforcement of the “Red Flags” Rule (“Rule”) through December 31, 2010
. The reasoning for the delay, according to the FTC’s press release, is to give time for Congress to consider legislation that would affect the scope of entities covered by the Rule. If Congress passes legislation limiting the scope of the Red Flags Rule with an effective date earlier than December 31, 2010, the FTC will begin enforcement as of that effective date.
The FTC interprets the Rule, issued on November 9, 2007, to cover any public accounting firm which bills clients for services rendered, under the reasoning that a “creditor” includes “any entity that defers payments, even in the normal course of a traditional billing process”. Thus, if a public accounting firm bills clients monthly, this would be considered to be an extension of credit that requires the existence of an internal program, subject to inspection and review, designed to detect, prevent and mitigate client identity theft.
The AICPA does not believe there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered, and has a lawsuit pending in the United States District Court for the District of Columbia (District Court”) which seeks a bar against the application of the FTC rule to CPAs and accounting firms.
For a detailed summary and to access an AICPA-developed practice guide on Red Flags, click
here
.
ADVOCACY: Red Flags Rule (April 2010)
In 2003, Congress passed legislation (Fair and Accurate Credit Transactions Act, or “FACTA”) intended to curb identity theft. Pursuant to this legislation, the FTC issued, on November 9, 2007, a “
Red Flags” rule
that requires “creditors” or “financial institutions” with “covered accounts” to have in place programs to assist in identifying a potential identity theft. Subsequent interpretations by the FTC made clear that the rule covers any CPA who bills clients for services rendered, under the reasoning that a “creditor” includes “any entity that defers payments, even in the normal course of a traditional billing process”. Thus, if a CPA bills clients monthly, this would be considered to be an extension of credit that requires the CPA to have an internal program, subject to inspection and review, designed to detect, prevent and mitigate client identity theft.
Enforcement of the rule has been postponed three times since the original November 1, 2008, effective date, with the current effective date of enforcement scheduled for June 1, 2010. In several instances, the AICPA requested that the FTC exempt CPAs from the regulation and on November 10, 2009,
filed a lawsuit
in the United States District Court for the District of Columbia (District Court”) seeking a bar against application of the FTC rule to CPAs and accounting firms, arguing, in part, that the FTC exceeded its statutory authority by extending the rule to regulate accountants. The AICPA does not believe there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered
While the current effective date continues to be June 1, 2010, the District Court issued an order on March 18, 2010 stipulating that the FTC “will continue to delay enforcement of the Red Flags Rule with respect to members of the AICPA engaged in the practice of public accountancy for ninety (90) days after the U.S. Court of Appeals for the District of Columbia Circuit (“Circuit Court”) renders an opinion in the American Bar Association’s case against the FTC. The American Bar Association, which similarly filed suit against the FTC on August 27, 2009, was granted a summary judgment (in its favor) on October 29, 2009. The FTC’s appeal to the Circuit Court is currently pending.
A
A
A
Print Page
Get a free version of Adobe Acrobat Reader
Copyright © 2006-2013 American Institute of CPAs.
Contact
Privacy & Terms
Jobs
Help
Powered by
an AICPA Subsidiary Delivering Technology Solutions for CPAs